> I hope this will be only in SLES10 and won't be default for SUSE Linux 10.1.
> What does bug 144356 say?

I would like to read it too, since it looks like the reasons for that
change are stated there.

Anyway, IIRC, Mandriva uses console-helper/pam rules to allow console
users to run shutdown (+halt/reboot) without root password, but require
it if the very same user is connected from SSH session. Also, they have
5 "security levels", each of them with different levels of "paranoia",
and that (no root pass) works for levels 1 to 3, while levels 4 and 5
enforce the root password always.

Maybe a sysconfig key could enable/disable that "feature" (asking for
root pass). But, as I said, I would like to see the referenced ticket to
know why they decided that.